From: "Luis R. Rodriguez" <mcgrof@kernel.org>
To: Julien Grall <julien.grall@arm.com>
Cc: "Matt Fleming" <matt@codeblueprint.co.uk>,
"Michael Chang" <MChang@suse.com>,
"Jim Fehlig" <jfehlig@suse.com>,
"Jan Beulich" <JBeulich@suse.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Daniel Kiper" <daniel.kiper@oracle.com>,
"X86 ML" <x86@kernel.org>, "Vojtěch Pavlík" <vojtech@suse.cz>,
"Gary Lin" <GLin@suse.com>,
xen-devel <xen-devel@lists.xenproject.org>,
"Jeffrey Cheung" <JCheung@suse.com>,
"Charles Arndol" <carnold@suse.com>,
"Kees Cook" <keescook@chromium.org>,
"Josh Triplett" <josh@joshtriplett.org>, joeyli <jlee@suse.com>,
"Borislav Petkov" <bp@alien8.de>,
"Boris Ostrovsky" <boris.ostrovsky@oracle.com>,
"Juergen Gross" <jgross@suse.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Andy Lutomirski" <luto@amacapital.net>,
"David Vrabel" <david.vrabel@citrix.com>
Subject: Re: HVMLite / PVHv2 - using x86 EFI boot entry
Date: Fri, 15 Apr 2016 07:55:39 -0700 [thread overview]
Message-ID: <CAB=NE6UDuLOnW8xfTcgCGSbJ1aS4TkkokcGdeJGHMBps0T9=Sg__21510.4292998605$1460732246$gmane$org@mail.gmail.com> (raw)
In-Reply-To: <5710BD0B.2070306@arm.com>
On Fri, Apr 15, 2016 at 3:06 AM, Julien Grall <julien.grall@arm.com> wrote:
> On 14/04/16 21:56, Luis R. Rodriguez wrote:
>> On Thu, Apr 14, 2016 at 03:56:53PM -0400, Konrad Rzeszutek Wilk wrote:
>>> But to make that work you have to emulate EFI firmware in the
>>> hypervisor. Is that work you are signing up for?
>>
>> I'll do what is needed, as I have done before. If EFI is on the long
>> term roadmap for ARM perhaps there are a few birds to knock with one
>> stone here. If there is also interest to support other OSes through
>> EFI standard means this also should help make that easier.
>
> We already have a working solution for EFI on ARM which does not require to
> emulate the firmware in the hypervisor.
I get that.
> On ARM, the EFI stub is communicating with the kernel using device-tree [1].
> Once the EFI stub has ended, the native path (i.e non-UEFI) will be executed
> normally and it won't be possible to use BootServices anymore.
>
> For the guest, we provide a full support of EFI using OVMF.
I get that as well, is this the long term solution ? That still
requires OVMF, will relying on OVMF always be what is used on Xen ARM
? Was it too much of a burden to require OVMF? Is the upstream OVMF
code pulled by Xen at build time on ARM, or just wget a binary ?
> For DOM0, Xen
> will craft the UEFI system table and the UEFI memory map. The locations of
> those tables will be passed to DOM0 using a tiny device-tree [1] and the
> kernel will boot using the native path. The runtime services for DOM0 will
> be provided via hypercall.
Thanks this helps!
> The DOM0 approach has been discussed for a long time (see [3]) and I believe
> this is better than emulating UEFI firmware in Xen. We want to keep Xen on
> ARM tiny. Adding any sort of emulation will increase the attack surface and
> require more maintenance from our side.
OK thanks, would re-using OVMF (note, DT perhaps may not be ideal for
x86 for the rest though) be a reasonable solution on x86 as an option
then?
Luis
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-15 14:56 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20160406024027.GX1990@wotan.suse.de>
2016-04-06 9:40 ` HVMLite / PVHv2 - using x86 EFI boot entry David Vrabel
2016-04-06 11:07 ` George Dunlap
2016-04-06 11:11 ` Daniel Kiper
[not found] ` <CAFLBxZbRjB6QWH5GbG6osCXat9NQVUAyDYrAMrdALbCofpX3Dg@mail.gmail.com>
2016-04-06 15:02 ` Matt Fleming
2016-04-07 18:51 ` Luis R. Rodriguez
[not found] ` <20160406150240.GO2701@codeblueprint.co.uk>
2016-04-06 16:05 ` Konrad Rzeszutek Wilk
2016-04-06 16:23 ` Konrad Rzeszutek Wilk
2016-04-08 21:53 ` Luis R. Rodriguez
2016-04-13 10:03 ` Roger Pau Monné
[not found] ` <20160413100312.647eocdtbmak4btk@mac>
2016-04-13 10:21 ` Matt Fleming
[not found] ` <20160407185148.GL1990@wotan.suse.de>
2016-04-08 14:16 ` George Dunlap
[not found] ` <5707BD2E.20204@citrix.com>
2016-04-08 21:58 ` Luis R. Rodriguez
[not found] ` <20160408215854.GU1990@wotan.suse.de>
2016-04-12 22:12 ` Luis R. Rodriguez
2016-04-13 9:54 ` Roger Pau Monné
[not found] ` <20160412221225.GN1990@wotan.suse.de>
2016-04-13 10:05 ` George Dunlap
2016-04-13 10:25 ` Roger Pau Monné
[not found] ` <CAFLBxZbiGppNad=Z6-fLgx89O0yAFrSyARTCwv=vHBR3zJ=NsA@mail.gmail.com>
2016-04-13 18:54 ` Luis R. Rodriguez
[not found] ` <20160413185451.GY1990@wotan.suse.de>
2016-04-14 9:42 ` George Dunlap
[not found] ` <570F65F7.5050108@citrix.com>
2016-04-14 19:59 ` Luis R. Rodriguez
[not found] ` <20160413102156.b4qwhwbqvnnpmxgw@mac>
2016-04-13 19:10 ` Luis R. Rodriguez
[not found] ` <20160413095428.5mcbrimvc6vxffcw@mac>
2016-04-13 18:50 ` Luis R. Rodriguez
[not found] ` <20160413185010.GX1990@wotan.suse.de>
2016-04-13 19:02 ` Konrad Rzeszutek Wilk
2016-04-13 19:14 ` Luis R. Rodriguez
[not found] ` <20160413191408.GA1990@wotan.suse.de>
2016-04-13 19:22 ` Konrad Rzeszutek Wilk
2016-04-13 20:01 ` Luis R. Rodriguez
[not found] ` <20160413200118.GC1990@wotan.suse.de>
2016-04-13 20:11 ` Konrad Rzeszutek Wilk
2016-04-13 20:35 ` Luis R. Rodriguez
[not found] ` <CAB=NE6VdTB1Bc=c0oCd_tTHpwwkQcxhnOFdcLfck2jX=JjuOAQ@mail.gmail.com>
2016-04-13 20:48 ` Konrad Rzeszutek Wilk
2016-04-14 10:13 ` George Dunlap
2016-04-13 15:44 ` George Dunlap
[not found] ` <CAFLBxZbJ4QyJQ1-ZuXg_Q-9YNXnWzDyPNp4SX=d9g0DS8mJKaw@mail.gmail.com>
2016-04-13 19:52 ` Luis R. Rodriguez
[not found] ` <20160413195257.GB1990@wotan.suse.de>
2016-04-14 9:53 ` George Dunlap
[not found] ` <570F68AB.2040400@citrix.com>
2016-04-14 19:44 ` Luis R. Rodriguez
[not found] ` <20160414194408.GP1990@wotan.suse.de>
2016-04-14 20:38 ` Konrad Rzeszutek Wilk
[not found] ` <20160414203847.GB21657@localhost.localdomain>
2016-04-14 21:12 ` Luis R. Rodriguez
[not found] ` <20160414211201.GS1990@wotan.suse.de>
2016-04-15 2:14 ` Konrad Rzeszutek Wilk
2016-04-15 5:50 ` Juergen Gross
2016-04-15 9:59 ` George Dunlap
[not found] ` <57108121.1070307@suse.com>
2016-04-15 15:24 ` Luis R. Rodriguez
[not found] ` <5710BB74.2060409@citrix.com>
2016-04-15 15:30 ` Luis R. Rodriguez
[not found] ` <20160415153028.GX1990@wotan.suse.de>
2016-04-15 16:03 ` George Dunlap
[not found] ` <571110BB.2000408@citrix.com>
2016-04-15 17:17 ` Luis R. Rodriguez
[not found] ` <5704D978.1050101@citrix.com>
2016-04-08 20:40 ` Luis R. Rodriguez
[not found] ` <20160408204032.GR1990@wotan.suse.de>
2016-04-11 5:12 ` Juergen Gross
[not found] ` <570B3228.90400@suse.com>
2016-04-12 21:02 ` Andy Lutomirski
[not found] ` <CALCETrXvGR3XKJf5Ab_ZPc-iuNuzR8AzLpRBciemKz4r0vSrGA@mail.gmail.com>
2016-04-13 9:02 ` Roger Pau Monné
[not found] ` <20160413090202.bg2vfdl3iol7eedv@mac>
2016-04-13 10:15 ` Matt Fleming
[not found] ` <20160413101515.GJ2829@codeblueprint.co.uk>
2016-04-13 10:40 ` Matt Fleming
2016-04-13 11:12 ` George Dunlap
2016-04-13 11:59 ` Roger Pau Monné
[not found] ` <20160413115846.hyt4lg24rfkenbxu@mac>
2016-04-15 22:53 ` Matt Fleming
2016-04-13 18:29 ` Luis R. Rodriguez
[not found] ` <20160413182951.GW1990@wotan.suse.de>
2016-04-13 18:56 ` Konrad Rzeszutek Wilk
2016-04-13 20:40 ` Luis R. Rodriguez
[not found] ` <20160413204055.GD1990@wotan.suse.de>
2016-04-13 21:08 ` Konrad Rzeszutek Wilk
2016-04-13 22:23 ` Luis R. Rodriguez
[not found] ` <20160413222317.GH1990@wotan.suse.de>
2016-04-14 1:01 ` Konrad Rzeszutek Wilk
[not found] ` <20160414010131.GA21510@localhost.localdomain>
2016-04-14 18:40 ` Luis R. Rodriguez
[not found] ` <20160414184048.GM1990@wotan.suse.de>
2016-04-14 19:56 ` Konrad Rzeszutek Wilk
2016-04-14 20:56 ` Luis R. Rodriguez
[not found] ` <20160414205619.GR1990@wotan.suse.de>
2016-04-15 2:02 ` Konrad Rzeszutek Wilk
2016-04-15 10:06 ` Julien Grall
[not found] ` <5710BD0B.2070306@arm.com>
2016-04-15 14:55 ` Luis R. Rodriguez [this message]
[not found] ` <CAB=NE6UDuLOnW8xfTcgCGSbJ1aS4TkkokcGdeJGHMBps0T9=Sg@mail.gmail.com>
2016-04-15 18:44 ` Stefano Stabellini
[not found] ` <20160415020246.GA6956@localhost.localdomain>
2016-04-15 17:08 ` Luis R. Rodriguez
[not found] ` <20160406111130.GG3489@olila.local.net-space.pl>
2016-04-07 19:12 ` Luis R. Rodriguez
2016-04-09 17:02 ` Luis R. Rodriguez
2016-04-06 2:40 Luis R. Rodriguez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAB=NE6UDuLOnW8xfTcgCGSbJ1aS4TkkokcGdeJGHMBps0T9=Sg__21510.4292998605$1460732246$gmane$org@mail.gmail.com' \
--to=mcgrof@kernel.org \
--cc=GLin@suse.com \
--cc=JBeulich@suse.com \
--cc=JCheung@suse.com \
--cc=MChang@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=carnold@suse.com \
--cc=daniel.kiper@oracle.com \
--cc=david.vrabel@citrix.com \
--cc=hpa@zytor.com \
--cc=jfehlig@suse.com \
--cc=jgross@suse.com \
--cc=jlee@suse.com \
--cc=josh@joshtriplett.org \
--cc=julien.grall@arm.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=matt@codeblueprint.co.uk \
--cc=sstabellini@kernel.org \
--cc=vojtech@suse.cz \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).